Lately I have been seeing spam with such DNS oddities as MX=127.0.0.1 or MX=192.168.1.1. This is obviously purposely misconfigured.

How can I just kill this junk on sight? I want to fail incoming mail based on the sender's MX record.

--------------- Example 1
MX points to 192.168.1.1

2001-02-06 08:48:30 14Q6e2-00002E-00 misdirected.buydomains.com [192.168.1.1]: No route to host

mail1:~$ nslookup
> set type=mx
> accessmaster.com
accessmaster.com preference = 0, mail exchanger = misdirected.buydomains.com
accessmaster.com nameserver = ns.buydomains.com
misdirected.buydomains.com internet address = 192.168.1.1
ns.buydomains.com internet address = 207.32.91.110

--------------- Example 2
MX points to 127.0.0.1

2001-02-03 20:24:51 lowest numbered MX record points to local host: giveaway.com (while verifying <justforyou@???> from host (anydomain.com) [154.5.39.84])

mail1:~$ nslookup
> set type=mx
> giveaway.com
giveaway.com preference = 20, mail exchanger = mail.giveaway.com
giveaway.com nameserver = dns.fastdnsservers.com
giveaway.com nameserver = dns2.fastdnsservers.com
mail.giveaway.com internet address = 127.0.0.1

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rick Ballard Rick.Ballard@???
Halifax, Nova Scotia, Canada http://www3.ns.sympatico.ca/Rick.Ballard
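
Added example, not part of the original post and not Exim code: a Python sketch of the check the post asks for, which parses nslookup answers like the two quoted above and flags sender domains whose MX targets resolve only to loopback, private or other non-routable addresses. The function names and the accept/reject/defer policy are assumptions made for illustration; the sample input is the post's own nslookup output with the wrapped lines joined.

```python
import ipaddress
import re

# Constructed sample: the nslookup answers quoted in the post, wrapped lines joined.
SAMPLE = """\
accessmaster.com preference = 0, mail exchanger = misdirected.buydomains.com
accessmaster.com nameserver = ns.buydomains.com
misdirected.buydomains.com internet address = 192.168.1.1
ns.buydomains.com internet address = 207.32.91.110
giveaway.com preference = 20, mail exchanger = mail.giveaway.com
giveaway.com nameserver = dns.fastdnsservers.com
mail.giveaway.com internet address = 127.0.0.1
"""
MX_RE = re.compile(r"^(\S+)\s+preference = (\d+), mail exchanger = (\S+)$")
A_RE = re.compile(r"^(\S+)\s+internet address = (\S+)$")

def parse_nslookup(text):
    """Return ({domain: [(pref, mx_host)]}, {host: [ip]}) from nslookup answer lines."""
    mx, addrs = {}, {}
    for line in map(str.strip, text.splitlines()):
        if m := MX_RE.match(line):
            mx.setdefault(m[1].lower(), []).append((int(m[2]), m[3].lower()))
        elif m := A_RE.match(line):
            addrs.setdefault(m[1].lower(), []).append(ipaddress.ip_address(m[2]))
    return mx, addrs

def unroutable_reason(ip):
    """Name the special-purpose range an address falls in, or None if routable."""
    # Specific checks come first: is_private is also true for loopback and 0.0.0.0/8.
    for flag in ("is_loopback", "is_unspecified", "is_link_local",
                 "is_multicast", "is_private", "is_reserved"):
        if getattr(ip, flag):
            return flag[3:]
    return None

def check_sender_domain(domain, mx, addrs):
    """Hypothetical policy: reject when no MX target resolves to a routable address."""
    findings, routable = [], False
    for _pref, host in sorted(mx.get(domain.lower(), [])):
        for ip in addrs.get(host, []):
            reason = unroutable_reason(ip)
            if reason:
                findings.append((host, str(ip), reason))
            else:
                routable = True
    if routable:
        return "accept", findings
    # Nothing resolved at all: a resolver problem, not evidence of a bogus MX.
    return ("reject" if findings else "defer"), findings

if __name__ == "__main__":
    mx, addrs = parse_nslookup(SAMPLE)
    for d in mx:
        print(d, *check_sender_domain(d, mx, addrs))
```

Only the addresses of MX targets count toward the verdict, so the public address of ns.buydomains.com (a nameserver, not a mail exchanger) does not rescue accessmaster.com.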